Latest Cybersecurity News and Articles


New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits

29 January 2025
A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome. The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the

SimpleHelp Remote Access Software Exploited in Attacks

29 January 2025
Threat actors have been exploiting SimpleHelp remote access software shortly after the disclosure of three vulnerabilities. The post SimpleHelp Remote Access Software Exploited in Attacks appeared first on SecurityWeek.

How Interlock Ransomware Infects Healthcare Organizations

29 January 2025
Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change Healthcare ransomware attack, a figure that nearly doubles the previously disclosed total. This breach shows just how deeply ransomware

Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution

29 January 2025
A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances. The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0. "Due to a flaw in the multi-line SNMP result parser, authenticated users can inject

Frenos Raises $3.88M in Seed Funding for OT Security Assessment Platform

29 January 2025
Frenos, a company that has developed an autonomous OT security assessment platform, has raised $3.88 million in seed funding. The post Frenos Raises $3.88M in Seed Funding for OT Security Assessment Platform appeared first on SecurityWeek.

UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents

29 January 2025
The advanced persistent threat (APT) group known as UAC-0063 has been observed leveraging legitimate documents obtained by infiltrating one victim to attack another target with the goal of delivering a known malware dubbed HATVIBE. "This research focuses on completing the picture of UAC-0063's operations, particularly documenting their expansion beyond their initial focus on Central Asia,

Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer

29 January 2025
Broadcom has warned of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access. The vulnerability, tracked as CVE-2025-22217 (CVSS score: 8.6), has been described as an unauthenticated blind SQL injection. "A malicious user with network access may be able to use specially crafted SQL queries to gain database

Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability

29 January 2025
Cybersecurity researchers are warning that a critical zero-day vulnerability impacting Zyxel CPE Series devices is seeing active exploitation attempts in the wild. "Attackers can leverage this vulnerability to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration," GreyNoise researcher Glenn Thorpe said in an alert

Threat of cyber-attacks on Whitehall ‘is severe and advancing quickly’, NAO says

28 January 2025
Audit watchdog finds 58 critical IT systems assessed in 2024 had ‘significant gaps in cyber-resilience’. The threat of potentially devastating cyber-attacks against UK government departments is “severe and advancing quickly”, with dozens of critical IT systems vulnerable to an expected regular pattern of significant strikes, ministers have been warned. The National Audit Office (NAO) found that 58 critical government IT systems independently assessed in 2024 had “significant gaps in cyber-resilience”, and the government did not know how vulnerable at least 228 ageing and outdated “legacy” IT systems were to cyber-attack. The NAO did not name the systems for fear of helping attackers choose targets.

VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer

28 January 2025
VMware warns that a malicious user with network access may be able to use specially crafted SQL queries to gain database access. The post VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer appeared first on SecurityWeek.

PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks

28 January 2025
A financially motivated threat actor has been linked to a phishing email campaign that has been ongoing since at least July 2024, specifically targeting users in Poland and Germany. The attacks have led to the deployment of various payloads, such as Agent Tesla, Snake Keylogger, and a previously undocumented backdoor dubbed TorNet that's delivered by means of PureCrypter. TorNet is so

Eclypsium Eyes Global Expansion with $45 Million Series C Investment

28 January 2025
The investment includes equity and debt from new investors Qualcomm Ventures, Pavilion Capital, Singtel Innov8, and Sixty Degree Capital. The post Eclypsium Eyes Global Expansion with $45 Million Series C Investment appeared first on SecurityWeek.

OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking

28 January 2025
Cybersecurity researchers have disclosed details of a now-patched account takeover vulnerability affecting a popular online travel service for hotel and car rentals. "By exploiting this flaw, attackers can gain unauthorized access to any user’s account within the system, effectively allowing them to impersonate the victim and perform an array of actions on their behalf – including

Hackers Drain Over $85 Million From Crypto Exchange Phemex

28 January 2025
Hackers stole more than $85 million in crypto assets from hot wallets at cryptocurrency exchange Phemex. The post Hackers Drain Over $85 Million From Crypto Exchange Phemex appeared first on SecurityWeek.

NinjaOne to Acquire Dropsuite for $252 Million

28 January 2025
Endpoint management and security firm NinjaOne is to acquire cloud data backup, archiving, and recovery solutions provider Dropsuite for $252 million. The post NinjaOne to Acquire Dropsuite for $252 Million appeared first on SecurityWeek.

European Union Sanctions Russian Nationals for Hacking Estonia

28 January 2025
The European Union has added three Russian nationals to its sanctions list for their involvement in cyberattacks against Estonia. The post European Union Sanctions Russian Nationals for Hacking Estonia appeared first on SecurityWeek.

DeepSeek Blames Disruption on Cyberattack as Vulnerabilities Emerge

28 January 2025
China’s DeepSeek blamed sign-up disruptions on a cyberattack as researchers started finding vulnerabilities in the R1 AI model. The post DeepSeek Blames Disruption on Cyberattack as Vulnerabilities Emerge appeared first on SecurityWeek.

ENGlobal Says Personal Information Accessed in Ransomware Attack

28 January 2025
ENGlobal has informed the SEC that personal information was compromised in a November 2024 ransomware attack. The post ENGlobal Says Personal Information Accessed in Ransomware Attack appeared first on SecurityWeek.

SonicWall Confirms Exploitation of New SMA Zero-Day

28 January 2025
SonicWall has confirmed that an SMA 1000 zero-day tracked as CVE-2025-23006 has been exploited in the wild. The post SonicWall Confirms Exploitation of New SMA Zero-Day appeared first on SecurityWeek.

AI SOC Analysts: Propelling SecOps into the future

28 January 2025
Triaging and investigating alerts is central to security operations. As SOC teams strive to keep up with ever-increasing alert volumes and complexity, modernizing SOC automation strategies with AI has emerged as a critical solution. This blog explores how an AI SOC Analyst transforms alert management, addressing key SOC challenges while enabling faster investigations and responses. Security